2 matches found
CVE-2020-25657
CVE-2020-25657 affects all released versions of the Python m2crypto library. The vulnerability arises from Bleichenbacher timing attacks in the RSA decryption API when processing valid PKCS#1 v1.5 ciphertext, with confidentiality as the highest threat. Connected documents tie the CVE to m2crypto,...
CVE-2023-50781
CVE-2023-50781 affects the Python m2crypto library and relates to Bleichenbacher timing attacks against RSA decryption, enabling potential remote decryption of TLS traffic that uses RSA key exchanges. The vulnerability is tied to m2crypto’s RSA decryption API, with references noting this as an in...